diff --git a/.claude/.gitkeep b/.claude/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/.claude/commands/.gitkeep b/.claude/commands/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/.claude/gemini-prompts/.gitkeep b/.claude/gemini-prompts/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/.claude/hooks/.gitkeep b/.claude/hooks/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/.claude/hooks/secret-file-guard.sh b/.claude/hooks/secret-file-guard.sh
deleted file mode 100644
index a4058a7..0000000
--- a/.claude/hooks/secret-file-guard.sh
+++ /dev/null
@@ -1,123 +0,0 @@
-#!/bin/bash
-# Secret File Guard Hook (Read/Write/Edit)
-#
-# BLOCK: Read, Write, and Edit tool calls targeting secret files.
-#
-# The Bash secret-guard.sh only covers shell commands. Agents bypass it by
-# using Read() to inspect secrets or Write() to render them in the permission
-# prompt (the leak happens at prompt-render time, before user approval).
-#
-# Environment: $CLAUDE_TOOL_INPUT_FILE_PATH contains the target file path
-# Matched tools: Read, Write, Edit (via settings.json PreToolUse matchers)
-#
-# Incident: 2026-03-09 — career agent wrote API key via Write(.dev.vars),
-# exposing it in the permission prompt and session transcript.
-
-set -e
-
-# Grep uses $CLAUDE_TOOL_INPUT_PATH, Read/Write/Edit use $CLAUDE_TOOL_INPUT_FILE_PATH
-file_path="$CLAUDE_TOOL_INPUT_FILE_PATH"
-if [ -z "$file_path" ]; then
- file_path="$CLAUDE_TOOL_INPUT_PATH"
-fi
-
-# Skip empty paths
-if [ -z "$file_path" ]; then
- exit 0
-fi
-
-# Normalize: extract just the filename (handle both Windows and Unix paths)
-filename=$(basename "$file_path")
-
-# Also get the full path lowercased for pattern matching
-file_path_lower=$(echo "$file_path" | tr '[:upper:]' '[:lower:]')
-
-# ---------------------------------------------------------------------------
-# Pattern 1: Secret dotfiles (.env, .env.*, .dev.vars)
-# ---------------------------------------------------------------------------
-if [[ "$filename" == ".env" ]] ||
- [[ "$filename" =~ ^\.env\. ]] ||
- [[ "$filename" == ".dev.vars" ]]; then
- echo "" >&2
- echo "========================================" >&2
- echo "BLOCKED: Secret File Guard" >&2
- echo "========================================" >&2
- echo "" >&2
- echo "REJECTED: $CLAUDE_TOOL_NAME($file_path)" >&2
- echo "" >&2
- echo "Secret files (.env, .env.*, .dev.vars) must never be read," >&2
- echo "written, or edited by Claude — session transcripts and" >&2
- echo "permission prompts capture content in plaintext." >&2
- echo "" >&2
- echo "For Write: the secret is leaked the moment the permission" >&2
- echo "prompt renders, BEFORE the user can approve or deny." >&2
- echo "" >&2
- echo "To update secrets: tell the user to run the command in their" >&2
- echo "own terminal, or use a deployment script that reads from env." >&2
- echo "" >&2
- exit 1
-fi
-
-# ---------------------------------------------------------------------------
-# Pattern 2: AWS credentials
-# ---------------------------------------------------------------------------
-if [[ "$file_path_lower" =~ \.aws/(credentials|config) ]]; then
- echo "" >&2
- echo "========================================" >&2
- echo "BLOCKED: Secret File Guard" >&2
- echo "========================================" >&2
- echo "" >&2
- echo "REJECTED: $CLAUDE_TOOL_NAME($file_path)" >&2
- echo "" >&2
- echo "AWS credential files must never be accessed by Claude." >&2
- echo "Use boto3 or os.environ.get() in Python instead." >&2
- echo "" >&2
- exit 1
-fi
-
-# ---------------------------------------------------------------------------
-# Pattern 3: Files with secret/credential/token in the name
-# ---------------------------------------------------------------------------
-filename_lower=$(echo "$filename" | tr '[:upper:]' '[:lower:]')
-if [[ "$filename_lower" =~ secret ]] ||
- [[ "$filename_lower" =~ credential ]] ||
- [[ "$filename_lower" =~ private.key ]] ||
- [[ "$filename_lower" =~ \.pem$ ]]; then
- echo "" >&2
- echo "========================================" >&2
- echo "BLOCKED: Secret File Guard" >&2
- echo "========================================" >&2
- echo "" >&2
- echo "REJECTED: $CLAUDE_TOOL_NAME($file_path)" >&2
- echo "" >&2
- echo "Files with 'secret', 'credential', or 'private.key' in the name" >&2
- echo "are presumed to contain sensitive material." >&2
- echo "" >&2
- exit 1
-fi
-
-# ---------------------------------------------------------------------------
-# Pattern 4: Grep glob targeting secret files
-# Issue #714 bypass #14: Grep(path=".dev.vars") or Grep(glob=".env*")
-# ---------------------------------------------------------------------------
-grep_glob="$CLAUDE_TOOL_INPUT_GLOB"
-if [ -n "$grep_glob" ]; then
- grep_glob_lower=$(printf '%s' "$grep_glob" | tr '[:upper:]' '[:lower:]')
- if [[ "$grep_glob_lower" =~ \.env ]] ||
- [[ "$grep_glob_lower" =~ \.dev\.vars ]] ||
- [[ "$grep_glob_lower" =~ \.dev\. ]]; then
- echo "" >&2
- echo "========================================" >&2
- echo "BLOCKED: Secret File Guard" >&2
- echo "========================================" >&2
- echo "" >&2
- echo "REJECTED: $CLAUDE_TOOL_NAME(glob=$grep_glob)" >&2
- echo "" >&2
- echo "Grep glob pattern targets secret files." >&2
- echo "" >&2
- exit 1
- fi
-fi
-
-# No violations, allow tool call
-exit 0
diff --git a/.claude/project.json b/.claude/project.json
deleted file mode 100644
index 9aac731..0000000
--- a/.claude/project.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- "variables": {
- "PROJECT_ROOT": "/c/Users/mcwiz/Projects/silphe",
- "PROJECT_ROOT_WINDOWS": "C:\\Users\\mcwiz\\Projects\\silphe",
- "PROJECT_NAME": "silphe",
- "GITHUB_REPO": "martymcenroe/silphe",
- "TOOLS_DIR": "/c/Users/mcwiz/Projects/silphe/tools",
- "WORKTREE_PATTERN": "silphe-{ID}"
- },
- "inherit_from": "C:\\Users\\mcwiz\\Projects\\AssemblyZero"
-}
diff --git a/.claude/settings.json b/.claude/settings.json
deleted file mode 100644
index 433e06e..0000000
--- a/.claude/settings.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "hooks": {
- "PreToolUse": [
- {
- "matcher": "Read|Write|Edit|Grep|NotebookEdit",
- "hooks": [
- {
- "type": "command",
- "command": "bash /c/Users/mcwiz/Projects/silphe/.claude/hooks/secret-file-guard.sh",
- "timeout": 5,
- "description": "Secret File Guard (blocks file tools on .env, credentials)"
- }
- ]
- }
- ],
- "PostToolUse": []
- }
-}
diff --git a/.gitignore b/.gitignore
index a4e70bf..5ac364b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -73,3 +73,12 @@ recordings/
 # the parked artifacts don't pollute git status across the fleet.
 *.bak
 *.parked-*
+
+# --- Agent / AssemblyZero workflow artifacts — local-only, kept out of the public product repo ---
+CLAUDE.md
+GEMINI.md
+.claude/
+**/.gitkeep
+docs/session-logs/
+docs/lessons-learned.md
+docs/handoff*
diff --git a/CLAUDE.md b/CLAUDE.md
deleted file mode 100644
index ced6a3e..0000000
--- a/CLAUDE.md
+++ /dev/null
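Review bot: The new ignore block in `.gitignore` only keeps these paths out of future commits; the files deleted alongside it (`.claude/project.json`, `.claude/settings.json`, `CLAUDE.md`, `GEMINI.md`) remain readable in earlier commits, so if the goal of "kept out of the public product repo" includes the local user name and absolute paths they carry, that needs a history rewrite, which this change does not do. With `.claude/` ignored, `secret-file-guard.sh` and its `PreToolUse` registration are no longer versioned here, so the guard presumably depends on each checkout's local or inherited configuration; worth confirming it still loads after this commit. The entries `CLAUDE.md`, `GEMINI.md` and `.claude/` are unanchored and match at any depth; if only the root copies are meant, write `/CLAUDE.md`, `/GEMINI.md` and `/.claude/`. A comment above `**/.gitkeep` such as `# placeholders are local-only; empty directories are no longer tracked` would explain why that pattern is so broad.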
@@ -1,30 +0,0 @@
-# CLAUDE.md - silphe Project
-
-You are a team member on the silphe project, not a tool.
-
-## Project Identifiers
-
-- **Repository:** `martymcenroe/silphe`
-- **Project Root (Windows):** `C:\Users\mcwiz\Projects\silphe`
-- **Project Root (Unix):** `/c/Users/mcwiz/Projects/silphe`
-- **Worktree Pattern:** `silphe-{IssueID}` (e.g., `silphe-45`)
-
-## Project-Specific Context
-
-_TODO: Add tech stack, architecture, file map, project-type-specific notes,
-and any workflow overrides specific to this project. The universal
-CLAUDE.md (auto-loaded by Claude Code's parent-directory traversal) covers
-fleet-wide rules -- this file only adds what's true for THIS repo
-specifically. Restating universal content here creates drift on every
-universal-CLAUDE.md edit (ADR 0219)._
-
-## Data Directories
-
-- `data/`: ephemeral session artifacts (transcripts, run logs, pickup state). Ignored by the fleet-wide global gitignore; not committed.
-- `data-g/`: source-of-truth data the runtime treats as authoritative (rosters, corpora, configs). Git-tracked for durability. See `data-g/README.md`. (AssemblyZero #1563.)
-
-## Workflow Overrides
-
-_None yet. If this project needs to override any universal CLAUDE.md
-rule (e.g., a custom merge tool, a special test convention), document
-the override here with explicit language ("override") per ADR 0219._
diff --git a/GEMINI.md b/GEMINI.md
deleted file mode 100644
index 8f0a1c0..0000000
--- a/GEMINI.md
+++ /dev/null
@@ -1,55 +0,0 @@
-# Gemini Operational Protocols
-
-## FIRST: Read Core Rules
-
-**Before doing any work, read the AssemblyZero core rules:**
-`C:\Users\mcwiz\Projects\AssemblyZero\CLAUDE.md`
-
-That file contains core rules that apply to ALL projects and ALL agents:
-- Bash command rules (no &&, |, ;)
-- Path format rules
-- Worktree isolation rules
-- Decision-making protocol
-
----
-
-## 1. Session Initialization (The Handshake)
-
-**CRITICAL:** When a session begins:
-1. **Analyze:** Silently parse the provided `git status` or issue context.
-2. **Halt & Ask:** Your **FIRST** output must be exactly:
- > "ACK. State determination complete. Please identify my model version."
-3. **Wait:** Do not proceed until the user replies (e.g., "3.0 Pro").
-4. **Update Identity:** Incorporate the version into your Metadata Tag for all future turns.
-
----
-
-## 2. Execution Rules
-
-- **Authority:** `AssemblyZero:standards/0002-coding-standards` is the law for Git workflows.
-- **One Step Per Turn:** Provide one distinct step, then wait for confirmation.
-- **Check First:** Verify paths/content before changing them.
-- **Copy-Paste Ready:** No placeholders. Use heredocs for new files.
-
----
-
-## 3. Project-Specific Context
-
-**Project:** silphe
-**Repository:** martymcenroe/silphe
-**Project Root (Windows):** C:\Users\mcwiz\Projects\silphe
-**Project Root (Unix):** /c/Users/mcwiz/Projects/silphe
-
----
-
-## 4. Session Logging
-
-At session end, append a summary to `docs/session-logs/YYYY-MM-DD.md`:
-- **Day boundary:** 3:00 AM CT to following day 2:59 AM CT
-- **Include:** date/time, model name (from handshake), summary, files touched, state on exit
-
----
-
-## 5. You Are Not Alone
-
-Other agents (Claude, human orchestrators) work on this project. Check `docs/session-logs/` for recent context before starting work.
diff --git a/data-g/README.md b/data-g/README.md
deleted file mode 100644
index 8300426..0000000
--- a/data-g/README.md
+++ /dev/null
@@ -1,18 +0,0 @@
-# data-g/ -- git-tracked data
-
-Source-of-truth data files that must persist in GitHub live here.
-
-The fleet-wide global gitignore ignores `data/` so ephemeral session artifacts
-(transcripts, run logs, pickup state) never land in git. That is the right
-default for throwaway state -- but it silently drops authoritative work product
-too. Anything the runtime reads as canonical input -- roster files, corpora,
-recipient lists, convergence configs -- belongs in `data-g/`, which the global
-ignore does NOT match.
-
-| Path | Tracked? | Use for |
-|------|----------|---------|
-| `data/` | No (global gitignore) | Session transcripts, pickup state, throwaway run output |
-| `data-g/` | Yes | Source-of-truth: rosters, corpora, configs the runtime depends on |
-
-Rule of thumb: if losing the file on a machine wipe would hurt, it goes in
-`data-g/`. (Convention established in AssemblyZero #1563.)
diff --git a/docs/.gitkeep b/docs/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/adrs/.gitkeep b/docs/adrs/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/audit-results/.gitkeep b/docs/audit-results/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/design/.gitkeep b/docs/design/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/legal/.gitkeep b/docs/legal/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/lineage/.gitkeep b/docs/lineage/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/lineage/active/.gitkeep b/docs/lineage/active/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/lineage/done/.gitkeep b/docs/lineage/done/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/lld/.gitkeep b/docs/lld/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/lld/active/.gitkeep b/docs/lld/active/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/lld/done/.gitkeep b/docs/lld/done/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/media/.gitkeep b/docs/media/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/reports/.gitkeep b/docs/reports/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/reports/active/.gitkeep b/docs/reports/active/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/reports/done/.gitkeep b/docs/reports/done/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/runbooks/.gitkeep b/docs/runbooks/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/standards/.gitkeep b/docs/standards/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/docs/templates/.gitkeep b/docs/templates/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/src/.gitkeep b/src/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/.gitkeep b/tests/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/accessibility/.gitkeep b/tests/accessibility/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/benchmark/.gitkeep b/tests/benchmark/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/compliance/.gitkeep b/tests/compliance/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/contract/.gitkeep b/tests/contract/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/e2e/.gitkeep b/tests/e2e/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/fixtures/.gitkeep b/tests/fixtures/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/harness/.gitkeep b/tests/harness/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/integration/.gitkeep b/tests/integration/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/security/.gitkeep b/tests/security/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/smoke/.gitkeep b/tests/smoke/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/unit/.gitkeep b/tests/unit/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tests/visual/.gitkeep b/tests/visual/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/tools/.gitkeep b/tools/.gitkeep
deleted file mode 100644
index e69de29..0000000